Devices generate and send device characteristics to servers, so that the servers use the received device characteristics and relevant user information for device identification. At present, most of mainstream device identification methods generate device identifiers on the device side based on simple hardware/software environment characteristics, and then identify devices through recording these device identifiers on server sides.
However, device identification methods in the prior art have the following disadvantages. First, attackers may hijack network messages or system calls to steal device identifiers on networks or in operating systems. Thus, user identities may be falsified, which causes loss to the device users. Second, no characteristic of applications installed in the devices is considered by these methods. Device identities captured by the applications are the same, and therefore, there is a risk of information leakage.